Cybersecurity Analyst

Egypt
Your primary role would be to support and coordinate global and internal initiatives. You would be responsible for the end-to-end management of major cybersecurity incidents, leading and presenting all elements of the incident response lifecycle, including identification, containment, and eradication. You will work with the wider team to ensure effective management of and response to cybersecurity incidents.

Responsibilities:
- Managing and coordinating cybersecurity incidents, including overseeing all aspects of the incident management and response process, and driving each incident to conclusion and lessons learned.
- Handling escalations from L1 and L2 SOC analysts and CISO teams, including complex and specialist investigations.
- Being the point of contact for cyber incidents led by the Group Cybersecurity team, including contact with the technical/analyst teams and executive-level stakeholders.
- Issuing status updates and other communications, providing key stakeholder management, including interpretation and presentation of technical topics to executives, and writing comprehensive incident reports for a variety of technical and non-technical audiences.
- Forming incident response plans with specific actions, roles and deadlines, and ensuring these are completed.
- Performing technical investigation and response activities using monitoring tooling including SIEM, HIPS/NIPS, AV/EDR, and UEBA.
- Providing threat and vulnerability analysis, as well as security advisory services to users and CISO teams.
- Providing oversight for specialist investigation functions including forensic examinations and investigative interviews, assisting where possible and ensuring they are undertaken in line with relevant legislation and standards.
- Defining and supporting process, playbook, and methodology improvements, and providing support during audits and other documentation requirements.
- Providing relevant adjustments on the go to optimize and enhance efficiency and quality.
- Assisting with the correlation of incidents and the identification of trends and systemic issues in security controls, and providing metrics and reports on a weekly and monthly basis to relevant stakeholders.
- Contributing to the continuous improvement of the Cyber Defense Unit, including:
  - Performing periodic analysis of the effectiveness of the use cases.
  - Developing and delivering written and visual knowledge base documents.
  - Facilitating and supporting lessons learned and process improvement following cybersecurity incidents.
- Keeping up to date with changing processes, technologies, and legislative requirements, and maintaining an in-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, and incident management.

When not responding to incidents, you may be assigned to different roles and projects across cybersecurity domains, including but not limited to: user awareness campaigns, phishing exercises, vulnerability management, cyber-scenario exercises, and security assurance.

As part of your responsibilities, you are expected to be a specialist in at least one of the areas below, and to be willing to learn the other skills to a minimum baseline level of knowledge.
- Threat hunting: perform threat hunting to identify any threats or concerns on the infrastructure that would not be captured by existing use cases.
- Digital forensics: perform digital forensic investigations and forensic imaging using forensic tooling, including producing comprehensive reports.
- Malware analysis: perform reverse engineering and sandbox analysis of potentially malicious files and programs, including producing comprehensive reports.
- Investigative interviewing: perform the planning, delivery and reporting of investigative interviews with users.

Qualifications:
- Bachelor's degree in Engineering, Computer Science, Information Technology, or a related field.
- 3+ years of experience with information security related activities.
- Outstanding English communication, both verbal and non-verbal.
- Significant and proven experience of dealing with cybersecurity incidents, incident risk management, and associated response measures.
- Excellent communication skills (both spoken and written English), including the ability to write comprehensive incident reports and clearly articulate technical messages to a variety of audiences.
- Experience in technical investigation areas such as digital forensics, threat hunting, and enterprise-scale security incident response.
- Strong attention to detail and the ability to handle multiple competing priorities and simultaneous cases in a fast-paced environment.
- Experience in the use of SOC monitoring and intrusion detection systems (such as CrowdStrike Falcon, Splunk ES, and VirusTotal Enterprise), including managing, responding to, and tuning alerts.
- A broad understanding of the cyber security threat landscape.
- Understanding of a wide range of information security and IT methodologies, principles, technologies and techniques.
Publication date: Today
Publisher: Wuzzuf.com